GUIDE. Navigating the General Data Protection Regulation Mini Guide

Introduction

The General Data Protection Regulation (GDPR) will deliver a long overdue modernization and harmonization of privacy and data protection laws across the EU. It replaces legislation that was drafted before phones became smart and the cloud came to transform business.

Much has been written about penalties associated with non-compliance with the GDPR, and they can be severe. But rather than focus on fines, security professionals should think about the GDPR as a golden opportunity: a chance to focus the C-suite on the privacy and data protection best practices we have been championing for years.

This guide will help you prepare for the GDPR. It outlines the key facts and figures, the questions organizations should ask to help assess their stage of readiness, and a comprehensive toolkit to help develop the capabilities needed to become GDPR-ready. Finally, we offer a short reference sheet covering the key information security professionals need to be prepared.

1. Need to know: the essential GDPR facts
2. How GDPR-ready is your organization? 10 questions to ask
3. The capabilities needed to become GDPR ready
4. Measuring security outcomes

1. Need to know: the essential GDPR facts

The General Data Protection Regulation (GDPR) was approved by the EU Parliament on 14 April. It will be enforceable on 25 May 2018. The GDPR replaces the Data Protection Directive 95/46/EC and was developed to harmonize data privacy laws across Europe and strengthen rights for individuals.

As a regulation (not a directive), it will apply immediately in all EU territories. There is no need for countries to pass individual laws.

The fines associated with breaching the GDPR are considerable, with the highest penalties resulting in fines of up to €20m or 4% of annual global turnover, whichever is greater.

Data protection by design is a core principle of the GDPR. This means that data protection and privacy should be a priority in all organizations, not an afterthought.

- 25 May 2018: GDPR is enforceable
- Replaces outgoing Data Protection Directive 95/46/EC
- A regulation, not a directive
- Fines up to €20m or 4% of global turnover
- Data protection by design, not by afterthought

2. How GDPR-ready is your organization?

The GDPR is a huge piece of legislation. Where does an organization start? We brought together a team of privacy, compliance, and technology experts to list the key questions any company should think about in relation to GDPR compliance.

For many organizations, the questions are: Where to start? and Where do we prioritize? Business leaders and security executives should take a critical look at their existing data security programs and then ask the 10 questions below. Account managers and pre-sales engineers should use these discovery questions in conversations about GDPR with customers.

1. Is there a culture of data security and awareness in our organization?

It's essential that all people, from executives to users, administrators, and developers, be trained, certified, and ready to foster a culture of data security and privacy by design within the organization. In many circumstances, preparing for the new regulation requires the appointment of a data protection officer, who is responsible for organizational compliance and communication with supervisory authorities. This new role and executive sponsorship are essential to positive culture change in an organization.

2. Do we know what privacy-related data we collect and where it is stored?

An overriding principle of the GDPR is data minimization: only collect the data that is required to provide goods or services. By understanding what data an organization collects, the organization is able to better focus its compliance rather than applying a blanket, costly approach. Secondly, you can't ensure the protection of data if you don't know the key repositories, applications, and business processes. Many data loss prevention programs fail because of this very issue. Data is everywhere today, and it is increasingly stored on mobile devices and cloud systems, creating more potential exposure to attack or misuse.

A key consideration should be to implement a continuous data discovery, inventory, and classification program that involves a cross-functional team of business data owners, security operations team members, and data security professionals.

3. Do we employ encryption for data protection?

Encryption is a key mitigation factor for accidental and malicious data loss incidents and should be employed where possible to protect data at rest or in motion, particularly on mobile devices such as laptops, as well as data uploaded to cloud services. The McAfee research report Building Trust in a Cloudy Sky [1] indicates that 74% of organizations store sensitive data in the cloud. Additionally, McAfee research on data exfiltration techniques indicates that over a third of data breaches have occurred in the cloud.

4. Is a data security project currently in place or is one planned for this year?

Establishing a data security program that includes host- and network-based control policy enforcement points is essential to prevent or detect accidental data loss or malicious data theft incidents. With the regulation coming into force in May 2018 and the complicated nature of implementing effective data security controls, organizations should allocate necessary resources as soon as possible.

5. Do we have an existing in-house application security program?

Many enterprises develop a significant number of their business applications in house. These applications are often internet-accessible and house private customer data. According to Verizon's 2016 Data Breach Investigations Report [2], web application attacks represent the highest incident classification pattern. As many organizations are implementing continuous DevOps, it is ever more important to build in a secure-by-design approach. Some key security controls to consider include secure coding practices and training for developers, application log collection, regular penetration testing, and perimeter network intrusion prevention systems.

6. Do we know where all of our databases are located and the types of data they store?

Databases often house the crown jewels of an organization, particularly customer-related data. However, too many organizations deploy only basic security controls, do not patch regularly because of application downtime, and rely on administrators for activity monitoring. Additionally, many databases are deployed for testing and development; production data in these creates another risk for sensitive data exposure. For GDPR readiness, you should consider key actions such as discovery of on-premise and hosted databases, review of database security procedures, deployment of additional protection against vulnerability exploitation attacks, and creation of specific database breach use cases in security operations. For third-party hosted databases, a review of contracts with the hosting companies and assessment of their security posture is recommended.

7. How do we account for cloud software-as-a-service applications that house private data?

Used by almost every organization, cloud applications range from business apps like Salesforce to cloud storage services like Box. While the cloud provider has responsibility for infrastructure security, the organization is still responsible for protecting data and monitoring user activity. Two key GDPR-related security controls to consider here are Cloud Access Security Brokers (CASBs) and employment of user behavior analytics that can help control access as well as identify and respond to unusual account activity.

8. How are we controlling privileges and privileged user activity, particularly with cloud services?

According to Verizon's 2016 Data Breach Investigations Report [3], privilege abuse is the top-reported type of insider threat. Insider actions are among the most difficult to detect, with the average organization taking months to discover such incidents. Additionally, cloud services are presenting an increasing attack surface: reducing, controlling, and monitoring privileged user activity is a key consideration for GDPR compliance and data protection in general.

9. What is the status of our advanced malware protection plans?

Verizon's 2016 Data Breach Investigations Report [4] found that almost 60% of malware incidents involved malware designed to steal or export data. Spear phishing is the most common way of delivering malware that gives an attacker persistent access to a system. Once inside the network, an attacker using this approach employs stolen credentials to access sensitive systems and encrypted channels to exfiltrate data. In addition to advanced malware protection at the endpoint, consider protection solutions that can inspect HTTPS as the most common exfiltration channel.

10. Does Security Operations have pre-planned data breach detection use cases?

GDPR requires that an organization report a data breach within 72 hours. This implies the capability to identify a breach in that time frame. The recent SANS 2017 Incident Response Survey [5] found that just about 84% of organizations had at least one dedicated incident response team member, but only 53% of organizations considered themselves in a mature or maturing state for incident response. However, even in mature security operations centers, data breach incidents are difficult to identify, investigate, and respond to, especially at speed. A key consideration for GDPR readiness is to consolidate security data in a SIEM and employ user entity behavior analytics (UEBA) to identify anomalous behavior.

3. The capabilities needed to become GDPR ready

Getting ready for the GDPR is really about changing organizational culture as it relates to privacy, personal data protection, and cybersecurity in general. You can explore the background to this in more detail on the Securing Tomorrow blog. The organizational capabilities needed can be looked at in four main ways: governance, people, processes, and technology. We'll cover cybersecurity in more depth.

Capabilities by area (columns in the original table: Protection, Detection, Correction):

Governance
- Establish executive awareness and board-level support for cybersecurity and data protection
- Establish a security operations center and staff for 24/7 activity
- Appoint a data protection officer with appropriate authority to enforce compliance standards, to the extent that is necessary
- Design a continuous compliance monitoring and assessment program for proactive compliance checks
- Establish an information security management program based on industry-accepted frameworks (NIST, ISO27001, SABSA) and controls (SANS, etc.)
- Foster a positive and collaborative culture of data security with the employees and business partners
- Embed incident response and data protection language into cloud service provider and third-party supplier agreements

People
- Train and certify application developers on secure coding practices
- Train and certify end users on data protection
- Train and certify domain and technology administrators on secure configurations, responsibilities, and best practices
- Train and certify domain and technology administrators on secure configurations
- Train all users and administrators on data breach reporting procedures and responsibilities
- Train and certify incident handlers on data breach reporting and handling requirements
- Develop coaching mechanisms for positive reinforcement of data protection policies
- Establish link between human resources and security for data protection policy violation handling
- Establish a crisis action team to manage breach response actions

Processes
- Establish a continuous application security testing process
- Perform regular scans for databases and other sensitive data repositories
- Embed data protection language into cloud provider and other third-party supplier agreements
- Continuously review privileges and access rights to sensitive data repositories and applications
- Develop a continuous data classification
- Continuously monitor for data-at-rest encryption status across endpoints, data center, and cloud servers
- Develop breach detection and response playbooks to identify accidental or malicious data loss scenarios
- Continuously monitor for data breach scenarios
- Develop reporting procedures to report data breaches to authorities within the required timeline
- Embed incident detection language into cloud provider and other third-party supplier agreements
- Exercise the crisis action team at least once per year
- Develop response actions to isolate and fully understand the scope of a breach within four hours
- Develop a continuously monitored vulnerability correction system for DevOps
- Develop response action playbooks and rehearsals incorporating IT, SecOps, HR, PR, executive leadership, and business unit representatives

Technology
- Advanced anti-malware solutions using signatures, intelligence, and behavioral analysis capability across end-user devices and servers
- Encryption for data at rest on end-user devices, servers, and databases
- Intrusion prevention systems for workload and application security
- Network data loss prevention for data-in-motion security
- Endpoint data loss prevention for data-in-use and in-motion security on end-user devices
- Database Activity Monitoring to protect enterprise applications from exploit
- Cloud Web Security Gateways for mobile data and threat prevention
- Cloud Security Brokers to provide visibility and control of data in SaaS applications
- Central visibility and policy management for data loss prevention and encryption tools
- Security Information and Event Management system for real-time incident detection and forensics
- Log collection system with capacity for at least six months but up to one-year storage for critical sensor and data sources
- Secure evidence repository for data loss incident investigations
- Endpoint detection and response tools with traffic and user activity history for incident triage
- User behavior analytics to identify suspicious activity on enterprise and cloud applications
- Automated policy-based encryption for data in motion on email, web, and cloud traffic
- Response action tools capable of host, network, application, data, and user isolation to contain a breach

4. Measuring security outcomes

The table below provides a more comprehensive view on the key capabilities needed to meet the security outcomes of a GDPR-ready organization (columns in the original table: Protection, Detection, Correction):

Neutralize Threats
- Prevent known or unknown malware installation on end-user devices, databases, and servers
- Prevent application exploits that lead to unauthorized access and data loss
- Limit and control end-user and administrator privileges
- Identify, investigate, and validate malware infections wherever they occur
- Identify, investigate, and validate exploit attempts on applications that host private data
- Identify, investigate, and validate exploit attempts on databases that host private data
- Automatically share malware intelligence across sensors and control points
- Isolate infected hosts or systems using pre-planned response and automated actions
- Block malicious files on endpoints, network, and web channels using automated actions
- Block command and control activity across network, web, or other channels using automated actions
- Remove indicators of compromise from infected hosts or rebuild to prevent reinfection

Protect Data
- Use automated discovery and classification tools to identify and mark private data
- Protect private data in use, at rest, or in motion from accidental or policy-based loss incidents
- Protect private data in use, at rest, or in motion from malicious loss incidents
- Prevent exfiltration of private data to known or unknown locations
- Prevent unauthorized access to private data
- Use automated encryption to identify and protect data in motion
- Identify, investigate, and validate policy-based data loss incidents
- Identify, investigate, and validate malicious data exfiltration attempts
- Identify, investigate, and validate exploit attempts on databases that host private data
- Identify, investigate, and validate unauthorized access attempts to applications, databases, or servers that host private data
- Automatically share data intelligence across sensors and control points
- Isolate infected hosts or systems using pre-planned response and automated actions
- Isolate user privileges and access to private data using pre-planned response and automated actions
- Use automated encryption to identify and correct potential data loss scenarios

Protect Cloud Environments
- Use automated discovery and classification tools to identify cloud applications and mark private data
- Prevent known or unknown malware installation on cloud infrastructure-as-a-service servers
- Prevent exploitation of cloud-hosted applications on infrastructure or platform
- Protect private data in use, at rest, or in motion from accidental or malicious data loss incidents on cloud-hosted applications
- Identify, investigate, and validate unauthorized access to cloud-based services
- Identify, investigate, and validate breaches of private data security controls on software-as-a-service applications
- Identify, investigate, and validate breaches of private data security controls on hosted applications
- Automatically share data and malware intelligence across sensors and control points
- Isolate infected hosts or systems using pre-planned response and automated actions
- Isolate user privileges and access to private data using pre-planned response and automated actions
- Use automated encryption to identify and correct potential data loss scenarios to cloud applications

Optimize Security Operations
- Continuously scan to identify and classify private data and data repositories
- Continuously reduce attack surface for vulnerability and application exploits through patching and vulnerability scanning
- Continuously monitor for protection control status across all managed end-user devices, databases, and servers
- Continuously monitor for indicators of compromise, particularly command and control activity
- Continuously monitor for breaches of private data security controls
- Continuously monitor for unauthorized access or privilege abuse attempts on systems with private data
- Use automation and integrated technologies to adapt security postures to prevent reinfection and private data exposure
- Use automation and integrated technologies to quickly triage suspected infections, insider activity, or data loss indicators

Summary

Getting ready for the GDPR will be on the minds of many enterprise business and security executives this year. Business executives and organizational security officers must prioritize investments and implement new programs or solutions that ensure the business is ready for the enhanced regulatory environment. McAfee has a wide-ranging and deep capability for the requirements of GDPR that protect data at rest and data in transit as well as provide visibility within the cloud. To find out more, visit mcafee.com/gdpr

1. Building Trust in a Cloudy Sky
2. Verizon's 2016 Data Breach Investigations Report
3. Ibid.
4. Ibid.
5. SANS 2017 Incident Response Survey

Disclaimer

This guide is our informed interpretation of the EU General Data Protection Regulation, and is for information purposes only and it does not constitute legal advice or advice on how to achieve operational privacy and security. It is not incorporated into any contract and does not commit, promise, or create any legal obligation to deliver any code, result, material or functionality. Furthermore, the information provided herein is subject to change without notice, and is provided AS IS without guarantee or warranty as to the accuracy or applicability of the information to any specific situation or circumstance. If you require legal advice on the requirements of the General Data Protection Regulation, or any other law, or advice on the extent to which McAfee technologies can assist you to achieve compliance with the Regulation or any other law, you are advised to consult a suitably qualified legal professional. If you require advice on the nature of the technical and organizational measures that are required to deliver operational privacy and security in your organization, you should consult a suitably qualified privacy and/or security professional. No liability is accepted to any party for any harms or losses suffered in reliance on the contents of this publication.

About McAfee

McAfee is one of the world's leading independent cybersecurity companies. Inspired by the power of working together, McAfee creates business and consumer solutions that make the world a safer place. By building solutions that work with other companies' products, McAfee helps businesses orchestrate cyber environments that are truly integrated, where protection, detection and correction of threats happen simultaneously and collaboratively. By protecting consumers across all their devices, McAfee secures their digital lifestyle at home and away. By working with other security players, McAfee is leading the effort to unite against cybercriminals for the benefit of all.

Mission College Blvd Santa Clara, CA

McAfee and the McAfee logo are trademarks or registered trademarks of McAfee, LLC or its subsidiaries in the US and other countries. Other marks and brands may be claimed as the property of others. Copyright 2017 McAfee, LLC. 3582_0917_gd-gdpr-mini-guide SEPTEMBER


More information

INCIDENTRESPONSE.COM. Automate Response. Did you know? Your playbook overview - Data Theft

INCIDENTRESPONSE.COM. Automate Response. Did you know? Your playbook overview - Data Theft Automate Response Congratulations on selecting IncidentResponse.com to retrieve your custom incident response playbook guide. This guide has been created especially for you for use in within your security

More information

INCIDENTRESPONSE.COM. Automate Response. Did you know? Your playbook overview - Elevation of Privilege

INCIDENTRESPONSE.COM. Automate Response. Did you know? Your playbook overview - Elevation of Privilege Automate Response Congratulations on selecting IncidentResponse.com to retrieve your custom incident response playbook guide. This guide has been created especially for you for use in within your security

More information

DATA SHEET RISK & CYBERSECURITY PRACTICE EMPOWERING CUSTOMERS TO TAKE COMMAND OF THEIR EVOLVING RISK & CYBERSECURITY POSTURE

DATA SHEET RISK & CYBERSECURITY PRACTICE EMPOWERING CUSTOMERS TO TAKE COMMAND OF THEIR EVOLVING RISK & CYBERSECURITY POSTURE DATA SHEET RISK & CYBERSECURITY PRACTICE EMPOWERING CUSTOMERS TO TAKE COMMAND OF THEIR EVOLVING RISK & CYBERSECURITY POSTURE EXECUTIVE SUMMARY ALIGNING CYBERSECURITY WITH RISK The agility and cost efficiencies

More information

Guide to Cyber Security Compliance with GDPR

Guide to Cyber Security Compliance with GDPR Guide to Cyber Security Compliance with GDPR Security V1.3 General Data Protection Regulation GDPR Overview What is GDPR? An EU regulation coming into force in May 2018 Which means it applies to all EU

More information

McAfee Skyhigh Security Cloud for Amazon Web Services

McAfee Skyhigh Security Cloud for Amazon Web Services McAfee Skyhigh Security Cloud for Amazon Web Services McAfee Skyhigh Security Cloud for Amazon Web Services (AWS) is a comprehensive monitoring, auditing, and remediation solution for your AWS environment

More information

GDPR Processor Security Controls. GDPR Toolkit Version 1 Datagator Ltd

GDPR Processor Security Controls. GDPR Toolkit Version 1 Datagator Ltd GDPR Processor Security Controls GDPR Toolkit Version 1 Datagator Ltd Implementation Guidance (The header page and this section must be removed from final version of the document) Purpose of this document

More information

2018 Edition. Security and Compliance for Office 365

2018 Edition. Security and Compliance for Office 365 2018 Edition Security and Compliance for Office 365 [Proofpoint has] given us our time back to focus on the really evil stuff. CISO, Global 500 Manufacturer Like millions of businesses around the world,

More information

INCIDENTRESPONSE.COM. Automate Response. Did you know? Your playbook overview - Unauthorized Access

INCIDENTRESPONSE.COM. Automate Response. Did you know? Your playbook overview - Unauthorized Access Automate Response Congratulations on selecting IncidentResponse.com to retrieve your custom incident response playbook guide. This guide has been created especially for you for use in within your security

More information

The CERT Top 10 List for Winning the Battle Against Insider Threats

The CERT Top 10 List for Winning the Battle Against Insider Threats The CERT Top 10 List for Winning the Battle Against Insider Threats Dawn Cappelli CERT Insider Threat Center Software Engineering Institute Carnegie Mellon University Session ID: STAR-203 Session Classification:

More information

Security and Compliance for Office 365

Security and Compliance for Office 365 Security and Compliance for Office 365 [Proofpoint has] given us our time back to focus on the really evil stuff. CISO, Global 500 Manufacturer Like millions of businesses around the world, you may be

More information

SOLUTION BRIEF HELPING BREACH RESPONSE FOR GDPR WITH RSA SECURITY ADDRESSING THE TICKING CLOCK OF GDPR COMPLIANCE

SOLUTION BRIEF HELPING BREACH RESPONSE FOR GDPR WITH RSA SECURITY ADDRESSING THE TICKING CLOCK OF GDPR COMPLIANCE HELPING BREACH RESPONSE FOR GDPR WITH RSA SECURITY ADDRESSING THE TICKING CLOCK OF GDPR COMPLIANCE PREPARATION FOR GDPR IS ESSENTIAL The EU GDPR imposes interrelated obligations for organizations handling

More information

SIEM Solutions from McAfee

SIEM Solutions from McAfee SIEM Solutions from McAfee Monitor. Prioritize. Investigate. Respond. Today s security information and event management (SIEM) solutions need to be able to identify and defend against attacks within an

More information

Transforming Security from Defense in Depth to Comprehensive Security Assurance

Transforming Security from Defense in Depth to Comprehensive Security Assurance Transforming Security from Defense in Depth to Comprehensive Security Assurance February 28, 2016 Revision #3 Table of Contents Introduction... 3 The problem: defense in depth is not working... 3 The new

More information

Sustainable Security Operations

Sustainable Security Operations Sustainable Security Operations Optimize processes and tools to make the most of your team s time and talent The number and types of security incidents organizations face daily are steadily increasing,

More information

to Enhance Your Cyber Security Needs

to Enhance Your Cyber Security Needs Our Service to Enhance Your Cyber Security Needs Since the business critical systems by its nature are ON all of the time and the increasingly connected world makes you open your organization to everything

More information

Integrated Access Management Solutions. Access Televentures

Integrated Access Management Solutions. Access Televentures Integrated Access Management Solutions Access Televentures Table of Contents OVERCOMING THE AUTHENTICATION CHALLENGE... 2 1 EXECUTIVE SUMMARY... 2 2 Challenges to Providing Users Secure Access... 2 2.1

More information

Altitude Software. Data Protection Heading 2018

Altitude Software. Data Protection Heading 2018 Altitude Software Data Protection Heading 2018 How to prevent our Contact Centers from Data Leaks? Why is this a priority for Altitude? How does it affect the Contact Center environment? How does this

More information

CyberArk Privileged Threat Analytics

CyberArk Privileged Threat Analytics CyberArk Privileged Threat Analytics Table of Contents The New Security Battleground: Inside Your Network 3 Privileged account security 3 Collect the right data 4 Detect critical threats 5 Alert on critical

More information

Securing Your Microsoft Azure Virtual Networks

Securing Your Microsoft Azure Virtual Networks Securing Your Microsoft Azure Virtual Networks IPS security for public cloud deployments It s no surprise that public cloud infrastructure has experienced fast adoption. It is quick and easy to spin up

More information

External Supplier Control Obligations. Cyber Security

External Supplier Control Obligations. Cyber Security External Supplier Control Obligations Cyber Security Control Title Control Description Why this is important 1. Cyber Security Governance The Supplier must have cyber risk governance processes in place

More information

Delivering Integrated Cyber Defense for the Cloud Generation Darren Thomson

Delivering Integrated Cyber Defense for the Cloud Generation Darren Thomson Delivering Integrated Cyber Defense for the Generation Darren Thomson Vice President & CTO, EMEA Region Symantec In 2009 there were 2,361,414 new piece of malware created. In 2015 that number was 430,555,582

More information

AT&T Endpoint Security

AT&T Endpoint Security AT&T Endpoint Security November 2016 Security Drivers Market Drivers Online business 24 x 7, Always on Globalization Virtual Enterprise Business Process / IT Alignment Financial Drivers CapEx / OpEx Reduction

More information

Forensic analysis with leading technology: the intelligent connection Fraud Investigation & Dispute Services

Forensic analysis with leading technology: the intelligent connection Fraud Investigation & Dispute Services Forensic Technology & Discovery Services Forensic analysis with leading technology: the intelligent connection Fraud Investigation & Dispute Services Forensic Technology & Discovery Services EY s Forensic

More information

NOTHING IS WHAT IT SIEMs: COVER PAGE. Simpler Way to Effective Threat Management TEMPLATE. Dan Pitman Principal Security Architect

NOTHING IS WHAT IT SIEMs: COVER PAGE. Simpler Way to Effective Threat Management TEMPLATE. Dan Pitman Principal Security Architect NOTHING IS WHAT IT SIEMs: COVER PAGE Simpler Way to Effective Threat Management TEMPLATE Dan Pitman Principal Security Architect Cybersecurity is harder than it should be 2 SIEM can be harder than it should

More information

McAfee Advanced Threat Defense

McAfee Advanced Threat Defense Advanced Threat Defense Detect advanced malware Advanced Threat Defense enables organizations to detect advanced, evasive malware and convert threat information into immediate action and protection. Unlike

More information

Global Manufacturer MAUSER Realizes Dream of Interconnected, Adaptive Security a Reality

Global Manufacturer MAUSER Realizes Dream of Interconnected, Adaptive Security a Reality Global Manufacturer MAUSER Realizes Dream of Interconnected, Adaptive Security a Reality McAfee provides a trusted partnership for this agencies security infrastructure MAUSER Group Customer Profile Global

More information

CYBER INSURANCE: MANAGING THE RISK

CYBER INSURANCE: MANAGING THE RISK CYBER INSURANCE: MANAGING THE RISK LEON FOUCHE PARTNER & NATIONAL CYBERSECURITY LEAD BDO AUSTRALIA MEMBER OF THE GLOBAL CYBERSECURITY LEADERSHIP GROUP ii CYBER INSURANCE: MANAGING THE RISK There s no doubt

More information

McAfee Database Security Insights

McAfee Database Security Insights McAfee Database Security Insights Managing the multitude of alerts, reports, and events and sometimes finding the proverbial needle in a haystack is challenging. Monitoring the activity on busy enterprise

More information

Privileged Account Security: A Balanced Approach to Securing Unix Environments

Privileged Account Security: A Balanced Approach to Securing Unix Environments Privileged Account Security: A Balanced Approach to Securing Unix Environments Table of Contents Introduction 3 Every User is a Privileged User 3 Privileged Account Security: A Balanced Approach 3 Privileged

More information

Cybersecurity The Evolving Landscape

Cybersecurity The Evolving Landscape Cybersecurity The Evolving Landscape 1 Presenter Zach Shelton, CISA Principal DHG IT Advisory Zach.Shelton@DHG.com Raleigh, NC 14+ years of experience in IT Consulting 11+ years of experience with DHG

More information

RSA INCIDENT RESPONSE SERVICES

RSA INCIDENT RESPONSE SERVICES RSA INCIDENT RESPONSE SERVICES Enabling early detection and rapid response EXECUTIVE SUMMARY Technical forensic analysis services RSA Incident Response services are for organizations that need rapid access

More information

Data Loss Prevention Best Practices for Healthcare

Data Loss Prevention Best Practices for Healthcare Data Loss Prevention Best Practices for Healthcare The perils of data loss 1 Data Loss Prevention Best Practices for Healthcare Data Loss Prevention Best Practices for Healthcare The perils of data loss

More information

Joe Stocker, CISSP, MCITP, VTSP Patriot Consulting

Joe Stocker, CISSP, MCITP, VTSP Patriot Consulting Joe Stocker, CISSP, MCITP, VTSP Patriot Consulting Microsoft Cloud Evangelist at Patriot Consulting Principal Systems Architect with 17 Years of experience Technical certifications: MCSE, MCITP Office

More information

Securing Your Most Sensitive Data

Securing Your Most Sensitive Data Software-Defined Access Securing Your Most Sensitive Data Company Overview Digital Growth Means Digital Threats Digital technologies offer organizations unprecedented opportunities to innovate their way

More information

THE SIX ESSENTIAL CAPABILITIES OF AN ANALYTICS-DRIVEN SIEM

THE SIX ESSENTIAL CAPABILITIES OF AN ANALYTICS-DRIVEN SIEM THE SIX ESSENTIAL CAPABILITIES OF AN ANALYTICS-DRIVEN SIEM Modern threats demand analytics-driven security and continuous monitoring Legacy SIEMs are Stuck in the Past Finding a mechanism to collect, store

More information

Threat Intelligence to enhance Cyber Resiliency KEVIN ALBANO GLOBAL THREAT INTELLIGENCE LEAD IBM X-FORCE INCIDENT RESPONSE AND INTELLIGENCE SERVICES

Threat Intelligence to enhance Cyber Resiliency KEVIN ALBANO GLOBAL THREAT INTELLIGENCE LEAD IBM X-FORCE INCIDENT RESPONSE AND INTELLIGENCE SERVICES Threat Intelligence to enhance Cyber Resiliency KEVIN ALBANO GLOBAL THREAT INTELLIGENCE LEAD IBM X-FORCE INCIDENT RESPONSE AND INTELLIGENCE SERVICES Agenda Welcome Threat Intelligence EcoSystem Cyber Resiliency

More information

McAfee Skyhigh Security Cloud for Citrix ShareFile

McAfee Skyhigh Security Cloud for Citrix ShareFile McAfee Skyhigh Security Cloud for Citrix ShareFile McAfee Skyhigh Security Cloud for Citrix ShareFile helps organizations securely accelerate their business by providing industry-best Data Loss Prevention

More information

locuz.com SOC Services

locuz.com SOC Services locuz.com SOC Services 1 Locuz IT Security Lifecycle services combine people, processes and technologies to provide secure access to business applications, over any network and from any device. Our security

More information

RSA INCIDENT RESPONSE SERVICES

RSA INCIDENT RESPONSE SERVICES RSA INCIDENT RESPONSE SERVICES Enabling early detection and rapid response EXECUTIVE SUMMARY Technical forensic analysis services RSA Incident Response services are for organizations that need rapid access

More information

Automating the Top 20 CIS Critical Security Controls

Automating the Top 20 CIS Critical Security Controls 20 Automating the Top 20 CIS Critical Security Controls SUMMARY It s not easy being today s CISO or CIO. With the advent of cloud computing, Shadow IT, and mobility, the risk surface area for enterprises

More information

How to Prepare a Response to Cyber Attack for a Multinational Company.

How to Prepare a Response to Cyber Attack for a Multinational Company. You Have Been Breached! How to Prepare a Response to Cyber Attack for a Multinational Company. Chayan Chakravarti, MBA, CISM, PMP Patrick Enyart, CISA, CISM, CRISC Presenters Chayan Chakravarti Manager,

More information

Security. Made Smarter.

Security. Made Smarter. Security. Made Smarter. Your job is to keep your organization safe from cyberattacks. To do so, your team has to review a monumental amount of data that is growing exponentially by the minute. Your team

More information

TOP 10 IT SECURITY ACTIONS TO PROTECT INTERNET-CONNECTED NETWORKS AND INFORMATION

TOP 10 IT SECURITY ACTIONS TO PROTECT INTERNET-CONNECTED NETWORKS AND INFORMATION INFORMATION TECHNOLOGY SECURITY GUIDANCE TOP 10 IT SECURITY ACTIONS TO PROTECT INTERNET-CONNECTED NETWORKS AND INFORMATION ITSM.10.189 October 2017 INTRODUCTION The Top 10 Information Technology (IT) Security

More information

From Managed Security Services to the next evolution of CyberSoc Services

From Managed Security Services to the next evolution of CyberSoc Services From Managed Security Services to the next evolution of CyberSoc Services Gianluca Busco Arré Country Manager pandasecurity.com MSSP / MDR Where the Industry is going leaders and laggers MSSP industry

More information

White Paper. How to Write an MSSP RFP

White Paper. How to Write an MSSP RFP White Paper How to Write an MSSP RFP https://www.solutionary.com (866) 333-2133 Contents 3 Introduction 3 Why a Managed Security Services Provider? 5 Major Items to Consider Before Writing an RFP 5 Current

More information

Mapping Your Requirements to the NIST Cybersecurity Framework. Industry Perspective

Mapping Your Requirements to the NIST Cybersecurity Framework. Industry Perspective Mapping Your Requirements to the NIST Cybersecurity Framework Industry Perspective 1 Quest has the solutions and services to help your organization identify, protect, detect, respond and recover, better

More information

INCIDENTRESPONSE.COM. Automate Response. Did you know? Your playbook overview - Malware Outbreak

INCIDENTRESPONSE.COM. Automate Response. Did you know? Your playbook overview - Malware Outbreak Automate Response Congratulations on selecting IncidentResponse.com to retrieve your custom incident response playbook guide. This guide has been created especially for you for use in within your security

More information

Canada Highlights. Cybersecurity: Do you know which protective measures will make your company cyber resilient?

Canada Highlights. Cybersecurity: Do you know which protective measures will make your company cyber resilient? Canada Highlights Cybersecurity: Do you know which protective measures will make your company cyber resilient? 21 st Global Information Security Survey 2018 2019 1 Canada highlights According to the EY

More information

align security instill confidence

align security instill confidence align security instill confidence cyber security Securing data has become a top priority across all industries. High-profile data breaches and the proliferation of advanced persistent threats have changed

More information

University of Pittsburgh Security Assessment Questionnaire (v1.7)

University of Pittsburgh Security Assessment Questionnaire (v1.7) Technology Help Desk 412 624-HELP [4357] technology.pitt.edu University of Pittsburgh Security Assessment Questionnaire (v1.7) Directions and Instructions for completing this assessment The answers provided

More information

McAfee Endpoint Security

McAfee Endpoint Security McAfee Endpoint Security Frequently Asked Questions Overview You re facing new challenges in light of the increase of advanced malware. Limited integration between threat detection, network, and endpoint

More information

The Insider Threat Center: Thwarting the Evil Insider

The Insider Threat Center: Thwarting the Evil Insider The Insider Threat Center: Thwarting the Evil Insider The CERT Top 10 List for Winning the Battle Against Insider Threats Randy Trzeciak 14 June 2012 2007-2012 Carnegie Mellon University Notices 2011 Carnegie

More information

ISO/IEC Solution Brief ISO/IEC EventTracker 8815 Centre Park Drive, Columbia MD 21045

ISO/IEC Solution Brief ISO/IEC EventTracker 8815 Centre Park Drive, Columbia MD 21045 Solution Brief 8815 Centre Park Drive, Columbia MD 21045 About delivers business critical software and services that transform high-volume cryptic log data into actionable, prioritized intelligence that

More information

BUILDING SECURITY INTO YOUR DATA CENTER MODERNIZATION STRATEGY

BUILDING SECURITY INTO YOUR DATA CENTER MODERNIZATION STRATEGY SOLUTION OVERVIEW BUILDING SECURITY INTO YOUR DATA CENTER MODERNIZATION STRATEGY Every organization is exploring how technology can help it disrupt current operating models, enabling it to better serve

More information

DATA BREACH NUTS AND BOLTS

DATA BREACH NUTS AND BOLTS DATA BREACH NUTS AND BOLTS Your Company Has Been Hacked Now What? January 20, 2016 Universal City, California Sponsored by Hogan Lovells Moderator: Stephanie Yonekura, Hogan Lovells #IHCC16 Panelists:

More information

Data Sheet The PCI DSS

Data Sheet The PCI DSS Data Sheet The PCI DSS Protect profits by managing payment card risk IT Governance is uniquely qualified to provide Payment Card Industry (PCI) services. Our leadership in cyber security and technical

More information

IBM Security technology and services for GDPR programs GIULIA CALIARI SECURITY ARCHITECT

IBM Security technology and services for GDPR programs GIULIA CALIARI SECURITY ARCHITECT IBM Security technology and services for GDPR programs GIULIA CALIARI SECURITY ARCHITECT NOTICE Clients are responsible for ensuring their own compliance with various laws and regulations, including the

More information

Big data privacy in Australia

Big data privacy in Australia Five-article series Big data privacy in Australia Three actions you can take towards compliance Article 5 Big data and privacy Three actions you can take towards compliance There are three actions that

More information

Cloud is the 'Only' Way Forward in Information Security. Leveraging Scale to Make the Unknown Known, in Dev, Sec & Ops.

Cloud is the 'Only' Way Forward in Information Security. Leveraging Scale to Make the Unknown Known, in Dev, Sec & Ops. George Gerchow, Sumo Logic Chief Information Security Officer Cloud is the 'Only' Way Forward in Information Security. Leveraging Scale to Make the Unknown Known, in Dev, Sec & Ops. Agenda Sumo Security

More information

Securing Office 365 with SecureCloud

Securing Office 365 with SecureCloud Securing Office 365 with SecureCloud 1 Introduction Microsoft Office 365 has become incredibly popular because of the mobility and collaboration it enables. With Office 365, companies always have the latest

More information

RSA RISK FRAMEWORKS MAKING DIGITAL RISK MANAGEABLE

RSA RISK FRAMEWORKS MAKING DIGITAL RISK MANAGEABLE WHITEPAPER RSA RISK FRAMEWORKS MAKING DIGITAL RISK MANAGEABLE CONTENTS Executive Summary........................................ 3 Transforming How We Think About Security.......................... 4 Assessing

More information

Protect Your End-of-Life Windows Server 2003 Operating System

Protect Your End-of-Life Windows Server 2003 Operating System Protect Your End-of-Life Windows Server 2003 Operating System Your guide to mitigating risks in your Windows Server 2003 Systems after the end of support End of Support is Not the End of Business When

More information

INTRODUCTION. We would like to thank HelpSystems for supporting this unique research. We hope you will enjoy the report.

INTRODUCTION. We would like to thank HelpSystems for supporting this unique research. We hope you will enjoy the report. 2019 SIEM REPORT INTRODUCTION Security Information and Event Management (SIEM) is a powerful technology that allows security operations teams to collect, correlate and analyze log data from a variety of

More information

HIPAA Regulatory Compliance

HIPAA Regulatory Compliance Secure Access Solutions & HIPAA Regulatory Compliance Privacy in the Healthcare Industry Privacy has always been a high priority in the health profession. However, since the implementation of the Health

More information

10 KEY WAYS THE FINANCIAL SERVICES INDUSTRY CAN COMBAT CYBER THREATS

10 KEY WAYS THE FINANCIAL SERVICES INDUSTRY CAN COMBAT CYBER THREATS 10 KEY WAYS THE FINANCIAL SERVICES INDUSTRY CAN COMBAT CYBER THREATS WHITE PAPER INTRODUCTION BANKS ARE A COMMON TARGET FOR CYBER CRIMINALS AND OVER THE LAST YEAR, FIREEYE HAS BEEN HELPING CUSTOMERS RESPOND

More information